[Zope] session within standard_error_message

[KevinL]

On Fri, 2002-08-02 at 02:14, Chris McDonough wrote:
> This is because the database transaction which contained the session
> write is aborted on an error.. this is "normal" Zope behavior, and
> unfortunately there's no easy way around it.  Why do you want to set
> a session variable on an error display, maybe there's a better way?

Laziness mostly, I suspect.  I'm abusing standard_error_message to catch
an auth failure and bounce the user to a different folder/product
instance based on the '@domain' portion of their username.  The right
way(tm) is to write my own auth module, but I haven't had time to deal
with that for this project - it's high on the list of changes once we're
clear the current press.  In the meantime, it looks like setting a
cookie on the client, combined with redirecting them, may work -
although I'm a bit concerned about browser-specific issues with that
"solution".

The problem, essentially, is that I have a system that allows creation
of multiple "realms", and only have a single login page (in a default
realm).  If the user enters "user@realm" as the username to that login
page (each realm being a completely separate instance of a product), I
need to quietly redirect them to the appropriate location and log them
in - without allowing the username and/or password to appear in the URL
(ie. not a get request, hence no meta-refreshes).  I've hacked up
exUserFolder to get most of what I needed, but it's a bit rough.  I was
going to lean on session data for holding user/pass over the redirect,
but that doesn't work, more's the pity.

Not to worry, I'll bludgeon it into submission for now, and clean off
the edges in a week or two when it all calms down a bit.  Thanks all for
responses.

KJL